﻿using sourcephi.Models;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net.Mail;
using System.Web;
using System.Web.Mvc;
using System.Web.Security;


namespace sourcephi.Controllers
{
    public class LoginController : Controller
    {
        //
        // GET: /Login/
        // 密碼雜湊所需的 Salt 亂數值
        private Models.sourceEntities db = new Models.sourceEntities();
        //private string pwSalt = "A1rySq1oPe2Mh784QQwG6jRAfkdPpDa90J0i";

        public ActionResult Index(string returnUrl)
        {
            ViewBag.ReturnUrl = returnUrl;
            return View();
        }

        [HttpPost]
        public ActionResult Index(string loginname, string psw, string returnUrl)
        {
            if (ValidateUser(loginname, psw))
            {
                FormsAuthentication.SetAuthCookie(loginname, false);

                if (String.IsNullOrEmpty(returnUrl))
                {
                    var renyuan = (from p in db.renyuan
                          where p.loginname == loginname && p.psw == psw
                          select p).FirstOrDefault();
                    if (renyuan.roletype==1)
                    {
                        Session["dept"] = "管理员";
                        Session["roletype"] = "1";
                        //todo 管理员权限登录界面
                        return RedirectToAction("Dftongji", "Dafen");
                    }
                    else if (renyuan.roletype == 2)
                    {
                        Session["dept"] = "网络中心";
                        Session["roletype"] = "2";
                        //todo 中心领导权限登录界面
                        return RedirectToAction("Dftongji", "Dafen");
                    }
                    else if (renyuan.roletype == 3)
                    {
                        Session["dept"] = renyuan.dept;
                        Session["roletype"] = "3";
                        //todo 部门领导权限登录界面
                        return RedirectToAction("Dftongji", "Dafen");
                    }
                    else if (renyuan.roletype == 4)
                    {
                        Session["dept"] = renyuan.dept;
                        Session["roletype"] = "4";
                        //todo 工程师权限登录界面
                        return RedirectToAction("Dftongji", "Dafen");
                    }
                    
                }
                else
                {
                    return Redirect(returnUrl);
                }
            }

            return View();
        }

        private bool ValidateUser(string loginname, string psw)
        {
            //var hash_pw = FormsAuthentication.HashPasswordForStoringInConfigFile(pwSalt + psw, "SHA1");
            var hash_pw = psw;

            var renyuan = (from p in db.renyuan
                          where p.loginname == loginname && p.psw == hash_pw
                          select p).FirstOrDefault();

            // 如果 member 物件不為 null 則代表會員的帳號、密碼輸入正確
            if (renyuan != null)
            {
                if (renyuan.islock == true)
                {
                    Session["loginname"] = loginname;
                    return true;
                }
                else
                {
                    ModelState.AddModelError("", "您的账户已被锁定！");
                    return false;
                }
            }
            else
            {
                ModelState.AddModelError("", "您输入的用户名密码错误！");
                return false;
            }
        }


    }
}
